ITSS Home :
Virus and Security Info
Virus & Security Information
- Using Skype for Internet-based Telephone Calls
- 10.03.07: Skype is a popular, and free, Internet telephony product that allows users to place long-distance telephone calls over the Internet.
- If you choose to use this product, please be aware that there are some security risks in its use. Some of these risks can be mitigated through careful use and proper installation.
- Skype uses peer-to-peer technology (P2P) to enable telephone calls by sharing the power of computers located all over the Internet. Users provide access to their computers, and to their networks, in order to enable this technology. Because you open access to your computer when you use Skype, you need to be aware that you may put your computer and data at risk.
- Please practice safe computing and take special care if you use Skype. Follow the guidelines given on the Safe Computing web site to safeguard your computer, your data, and the University network: Safe Computing: Skype
- Fake e-cards/postcards
- 07.05.07: We're seeing a significant increase in incoming "Storm Worm" fake e-card emails. These emails contain a link to a malicious website that, when visited, automatically installs malware on the user's system.
- Detecting the fakes: The fakes are difficult to identify as the subject lines continue to change ("4th Of July Celebration," "Celebrate Your Nation," "July 4th Fireworks Show," etc. ). Additionally, they spoof many legitimate sites such as hallmark.com, VintagePostcards.Com, funnypostcards.com, americangreetings.com, mypostcards.com, and others.
- However, one common thread is that the postcard/e-card is from an unnamed source, i.e, an admirer, class-mate, colleague, family member, friend, mate, neighbor, partner, school friend, school mate, etc. For example:
- "Hi. Class mate has sent you a postcard.
See your card as often as you wish during the next 15 days." - What to do: If you receive one of these fake e-cards, delete it. If you think you may have already visited a malicious site, your computer should be reviewed and/or cleaned. Contact the ITSS Help Desk (x8847) for more information.
- Options for Storing Private Data
- 05.07: University policy states that if you store private data on your laptop or desktop, you must take steps to encrypt the data to help prevent unauthorized disclosure of private data. Data encryption software is available in many forms but requires quite a bit of technical expertise to run. An alternative is to store private data on a central system server, and there are a number of options available. For more information, see: Desktop Security: Options for Storing Private Data.
- Email and Private Data
- 04.07: Partnering with the Office of Information Technology, the University Privacy & Security Office produced the Public Jobs: Private Data Security Training. The program covers security measures required for handling private data protected under federal and state laws as well as University policies. Employees learn to identify security issues, how to protect data and hardware, and the protocol for responding to a security problem. For more information, see: Desktop Security: Email and Private Data.
- Secure Data Deletion
- 03.07: All faculty, staff, and student employees are required to guard the privacy of any private data the University of Minnesota stores and maintains electronically. This includes disposing of any storage devices securely. The University of Minnesota Standard on Secure Data Deletion is an official policy. For more information, see: Secure Data Deletion.
- What is private data?
- 11.06: University faculty and staff are required to manage private data. To do that, one must know the meaning of the term private data and what it means to protect it. For more information, see: Desktop Security: Managing Private Data.
- Managing Private Data
- 10.06: All students, faculty and staff recently received an email correspondence from OIT Security regarding safe-guarding private data. According to OIT's web site: "The University of Minnesota values the privacy of every member of its community, but protecting private data is more challenging than it's ever been. We read or hear, almost daily, about incidents in which private data has been compromised through theft, negligence or ignorance. As a result, we all need to take responsibilities for understanding what legally protected private data is and how we can protect it." For more information, see: Managing Private Data
- P2P File Sharing
- 09.06: Peer-to-peer (P2P) software is generally considered unacceptable to use on the University network, except in rare situations. P2P and anonymous file sharing programs on your computer can inadvertently allow access to your entire computer. P2P file sharing networks have also recently been used to spread viruses and worms. For more information, see: Desktop Security: P2P File Sharing.
Note further that use of Skype has been tied to a virus (worm) for Windows: Skype warns users of Windows worm